“US Attacks Iran and Saudi Arabia” Malware Spreads On Facebook

The security company Sophos warns of a malicious link that is now being spread quickly on Facebook. The link gives the impression to be be coming from CNN and will take you to a fake website claiming that the U.S. has invaded Iran and Saudi Arabia.

The website also appears to have a video showing the event. However, for the user to be able to watch the video the user is asked to download the latest version of Adobe Flash.

Those who agree to download and install the fake version of Flash will get the computer infected by malware.

The malware – which Sophos detects as Troj/Rootkit-KK – drops a rootkit called Troj/Rootkit-JV onto your Windows computer. In addition, Sophos detects the behaviour of the malware as HPsus/FakeAV-J.

Within the first three hours of this malware campaign, some 60,000 Facebook users had been duped into visiting the malicious link.

Facebook announced late last week that the company was “in the process of cleaning up this spam now, and remediating any affected users.”